Digital receiver and method for receiving secure group data

ABSTRACT

A method and radio receiver are provided for receiving and deciphering RF signals having encrypted data information relevant to the receiver environment. According to one aspect of the present invention, the receiver includes an input for receiving an RF signal having a data stream including a key selector and encrypted data including a message, and a demodulator for demodulating the data stream and outputting encrypted data including the message. The receiver further includes a data decryption circuit including memory for storing one or more groups of decryption keys based on a characteristic of the receiver environment. The data decryption circuit selects a group decryption key based on the key selector and decrypts the message based on the selected group decryption key.

TECHNICAL FIELD

[0001] The present invention generally relates to radio receivers and,more particularly, to the communication and selection of secure data ina digital receiver, such as a digital radio frequency (RF) receiver in avehicle.

BACKGROUND OF THE INVENTION

[0002] Automotive vehicles are commonly equipped with audio radios forreceiving broadcast radio frequency (RF) signals and broadcasting audioinformation to passengers in the vehicle. More recently, satellite baseddigital audio radio (SDAR) services have become available that offerdigital radio service covering a large geographic area, such as NorthAmerica. Currently, a couple of satellite based digital audio radioservices are available in North America, both of which generally employeither geo-stationary orbit satellites or highly elliptical orbitsatellites that receive uplinked programming which, in turn, isrebroadcast directly to digital radios in vehicles on the ground thatsubscribe to the service. Additionally, a number of terrestrial (groundbased) transmission repeaters are currently employed in certain areassusceptible to satellite signal blockage to provide a clean anduninterrupted radio signal broadcast. Each vehicle subscribing to thedigital service generally includes a digital radio having a receiver andantennas for receiving the satellite and terrestrial signal broadcasts.

[0003] The radio receivers are programmed to receive and unscramble thedigital data signals, which typically include many channels of digitalaudio. In addition to broadcasting the encoded digital quality audiosignals, the satellite based digital audio radio service may alsotransmit data within a data bandwidth that may be used for variousapplications. The additional information may include information aboutthe broadcast, such as song title, artist, and genre of music fordisplay on the radio. The signal may also include further informationfor other reasons, such as advertising, informing the driver of warrantyissues, providing information about the broadcast audio information, andproviding news, sports, and entertainment broadcasting, in addition toother information. In addition to providing a general signaltransmission to subscribing members, the satellite based digital audioradio service may also make available data bandwidth to certain groups,such as vehicle manufacturers, to provide the ability for the vehiclemanufacturer to transmit data to select vehicles. In order to do so, itis generally desirable to be able to target the data communication tospecific types of vehicles and/or receivers. Some data may be verysensitive to the vehicle and related systems, thus requiring variouslevels of security.

[0004] There are many secure data communication techniques currentlyavailable to encrypt broadcast data, including secure keys, public keys,and public/private key methods. While data encryption techniques aregenerally employed in various data communication applications, it isdesirable to provide for a receiver and method for securelycommunicating data to selected groups of vehicles and/or receivers in avehicle.

SUMMARY OF THE INVENTION

[0005] In accordance with the teachings of the present invention, adigital radio receiver and method are provided for receiving a signalincluding a data stream having a key selector and encrypted dataincluding a message and deciphering information relevant to the receiverenvironment. According to one aspect of the present invention, thereceiver includes an input for receiving a signal having a data streamincluding a key selector and encrypted data including a message. Thereceiver further includes a data decryption circuit including memory forstoring one or more groups of decryption keys based on a characteristicof the receiver environment. The data decryption circuit selects a groupkey based on the key selector and decrypts the message based on theselected group key.

[0006] According to another aspect of the present invention, a methodfor decrypting an encoded data stream including a key selector andencrypted data including a message in a signal broadcast is provided.The method includes the steps of receiving a signal including a datastream having a key selector and encrypted data including a message, andproviding one or more groups of decryption keys based on acharacteristic of the receiving environment. The method also includes astep of selecting a group key based on the key selector. The methodfurther includes the step of decrypting the message based on theselected group key. Accordingly, the receiver and method of the presentinvention advantageously allow for the deciphering of secure informationintended for a targeted group of receivers, such as a group of vehicleseach equipped with a receiver.

[0007] These and other features, advantages and objects of the presentinvention will be further understood and appreciated by those skilled inthe art by reference to the following specification, claims and appendeddrawings.

BRIEF DESCRIPTION OF THE DRAWINGS

[0008] The present invention will now be described, by way of example,with reference to the accompanying drawings, in which:

[0009]FIG. 1 is a block diagram illustrating a vehicle equipped with adigital radio receiver for receiving RF signals broadcast by a digitalaudio radio service;

[0010]FIG. 2 is a block diagram illustrating a data decryption circuitin the radio receiver for decrypting encrypted messages;

[0011]FIG. 3 is a flow diagram illustrating a method of decrypting themessages according to the present invention;

[0012]FIG. 4 illustrates a data packet including a data message headerand encrypted data message;

[0013]FIG. 5 is a lookup table for storing a plurality of groups ofdecryption keys;

[0014]FIG. 6 is a block diagram illustrating decryption using aplurality of decryption keys according to one embodiment; and

[0015]FIG. 7 is a block diagram illustrating decryption using a masterdecryption key-according to another embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0016] Referring to FIG. 1, a vehicle 10 is generally illustrated havinga digital radio receiver 12 for receiving wireless RF signal broadcastsof a satellite based digital audio radio service (SDAR). The vehicle 10generally includes a satellite antenna 14 for receiving RF signalsbroadcast from satellite-based transmitters. Additionally, the vehicle10 is also shown equipped with a terrestrial antenna 16 for receiving RFdigital data signals broadcast from terrestrial (ground based)transmitters (repeaters). While satellite and terrestrial based antennas14 and 16, respectively, are shown and described herein, it should beappreciated that the vehicle 10 may be equipped with one or moreantennas for receiving broadcast RF digital data signals from a digitalaudio radio service that communicates a selector key and encrypted datamessage as described herein.

[0017] The digital radio receiver 12 is programmed to receive andunscramble primary and secondary service digital data signals. Theprimary service data typically includes the audio service, while thesecondary service data typically includes other information. The digitalradio receiver 12 include an RF tuner 18 receiving RF signals receivedby each of satellite antenna 14 and terrestrial antenna 16. The RF tuner18 selects a frequency bandwidth (channel) of digital audio to pass eachof the RF signals (SAT1, SAT2, and TERR) within a tuned frequencybandwidth received by the antennas 14 and 16. The digital radio receiver12 also includes a digital demodulator circuit 20 which receives analogsignals output from tuner 18 and creates a digital time divisionmultiplexed (TDM) data stream 22. The digital radio receiver 12 includesa source decoder circuit 24 that receives the time division multiplexeddata stream 22 and selects the information contained in designatedsignal channels for both audio and data information contained within thedata stream. The time division multiplexed data stream selection mayoccur prior to the source decoder circuit 24. The selected time divisionmultiplexed digital channels containing the digital primary serviceaudio information 26 are decompressed and passed on to an audiodigital-to-analog converter 28 for outputting an analog audio output 29for audio broadcast to passengers within the vehicle. The digital radioreceiver 12 has a microcontroller 30 communicating with the RF tuner 18,digital modulator circuit 20, source decoder circuit 24, and audiodigital-to-analog converter 28 by way of a communication bus.

[0018] The secondary service data including encrypted data 32 isseparated from the primary service audio information at or before sourcedecoder circuit 24. The digital radio receiver 12 of the presentinvention employs a data decryption circuit 36 for decrypting theencrypted data 32 as described herein. The data decryption circuit 36receives the digital data including the encrypted data 32 from decodercircuit 24 and a key selection control signal 34 from microcontroller30. By decrypting the encrypted data 32 with the use of decryption keysas described herein, selected secure data that is relevant to thereceiver environment may be obtained and presented in data output 38 tothe user of the digital radio receiver 12, such as a passenger in thevehicle 10.

[0019] Referring to FIG. 2, the data decryption circuit 36 is furtherillustrated including a microprocessor and memory 40. The microprocessormay include a conventional microprocessor having the capability forprocessing algorithms and data as described herein. The memory mayinclude read-only memory (ROM), random access memory (RAM), flashmemory, and other commercially available volatile and non-volatilememory devices. Stored and processed within the microprocessor memory 40are one or more decryption algorithm(s) 42 and groups of decryption keys44 as explained herein. The decryption keys 44 include groups ofdecryption keys that may be selected depending upon defined groupcriteria. According to one embodiment, the groups may include thevehicle manufacturer, the vehicle model, and the vehicle model year.Within each group of decryption keys, there are various individualdecryption keys stored in memory which may be selected based on a uniqueidentifier such as the vehicle identification number and/or receiveridentification number.

[0020] Referring to FIG. 3, a method 100 is illustrated for decryptingthe encrypted data message according to the present invention. Themethod 100 begins at step 102 and initializes the data decryptioncircuit in step 104. The initialization of the data decryption circuitincludes obtaining the radio (receiver) identification number (RIN) andthe vehicle identification number (VIN), which are unique identifiers ofthe digital radio receiver and vehicle, respectively. The radioidentification number may be obtained from the radio receiver itself,while the vehicle identification number may be obtained from a vehiclecontroller, such as the engine controller. Following the initializationstep 104, method 100 creates a unique decryption key based on the radioidentification number and the vehicle identification number in step 106.The unique decryption key may alternately be determined based on thevehicle identification number or radio identification number, instead ofthe combination. The unique decryption key is unique to the digitalradio receiver, and allows for private decryption to communicate securedata to a single receiver.

[0021] The method 100 uses the vehicle identification number to obtaingroup keys from a database stored in non-volatile memory in step 108.According to one embodiment, the database is a lookup table asillustrated in FIG. 5 which includes a plurality of groups of decryptionkeys labeled group key 1 through group key M. Each of the group keyslabeled key 1 through key M includes individual decryption keys 72.Within group key 1 are a plurality of decryption keys labeled key 11through key 1N. Likewise, group key 2 includes a plurality of decryptionkeys labeled key 21 through key 2N. The Mth group key labeled key Msimilarly includes a plurality of decryption keys labeled key M1 throughkey MN. Within each group key, N may or may not be the same number.

[0022] It should be appreciated that each of the groups in group key 1through group key M includes selectable decryption keys based on acharacteristic of the receiving environment, such as a characteristic ofthe vehicle. In one embodiment, one set of group keys (e.g., key 1) maybe based on the vehicle manufacturer (e.g., key 11=Chevy, key12=Pontiac, key 13=Saturn, key 14=Lincoln, key 15=Dodge, . . . , and key1N=Ford). Another group keys (e.g., key 2) may be based on the modeltype of vehicle (e.g., key 21=Chevy Tahoe, key 22=Chevy Monte Carlo, . .. , and key 2N=Chevy Malibu). A further group key (e.g., key M) may bebased on the model year of the vehicle (e.g., key M1=1998, key M2=1999,key M3=2000, key M4=2001, key M5=2002, . . . , and key MN=2030). Othergroups could include service providers who would target certainreceivers based on any number of factors, such as home area, gender, orcoupled service interface including telematics, navigation, local FM,etc.

[0023] Returning to FIG. 3, the method 100 stores specific group keys inthe digital radio receiver in step 110. In step 112, method 100 receivesand processes the data message. The data message is a data stream thatis shown in FIG. 4, according to one example. The data message includesa data message header 50 and encrypted data 60 which includes a message62. The data message header 50 includes non-encrypted data with keyselectors 52A-52M that select which group keys are to be employed todecrypt the encrypted data 60. The data message header 50 may alsocontain message length message identification, and other unencryptedinformation that may be required to define the message. Each of the keyselectors 52A-52M may include a binary bit of “0” or “1,” with a binarybit “1” indicating use of the corresponding group key, and a binary bit“0” representing non-use of the corresponding binary key. Additionally,the data message header 50 includes a unique key indicator whichindicates use of the key unique 74 stored in the digital radio receiverlookup table to communicate private secure messages. The encrypted data60 includes an encrypted message 62 which, with the use of theappropriate decryption key(s), may be decrypted and presented to thevehicle and/or passengers. Additionally, the encrypted data includes averification message 64 which verifies whether proper decryption of thedata has been performed.

[0024] Returning to FIG. 3, method 100 selects the appropriate keysbased on the message header in step 116. This is achieved by selectingthe appropriate decryption key from the memory lookup table for eachgroup key selector 52A-52M that has been set with a binary bit “1.” Theencrypted data message is then decoded based on the selected decryptionkeys in step 118. This includes applying known decryption techniques todecrypt the data message with the decryption algorithm associated witheach selected decryption key. Proceeding to decision step 120, method100 checks whether the decoded message is verified as okay by readingthe decrypted verification message 64 and determining if the decryptionwas proper. The decrypted verification message may include a cyclicredundant code (CRC) type check. If the decoded message is verified asokay, method 100 uses and/or outputs the decoded message withauthentication in step 122 before returning to step 112. If the messageis not verified as okay, method 100 returns to step 112 withoutauthentication. Authenticated messages are presented or made availableto the vehicle and its passengers. If the message is not authenticated,the message may be ignored.

[0025] Referring to FIG. 6, one example of a decryption circuit 80 isillustrated therein including three serial connectable shift registers82A-82C for selecting combinations of keys for decrypting the datamessage. The serial shift registers 82A-82C are interconnected viaswitches 84A-84D to connect combinations of decryption algorithms forkey 1, key 2, and key 3, respectively, in series. The switches 84A-84Dare controlled to selectively switch in or out each of the serial shiftregister algorithms 82A-82C by way of a header/key control algorithm 88.The header/key controller algorithm 88 may be processed by themicroprocessor and memory 40.

[0026] Referring to FIG. 7, a decryption circuit 80′ is shown accordingto a second embodiment employing a master key algorithm 90. The masterkey algorithm 90 is made up of multiple shift registers 92A-92C that usethe sum total of decryption key 1, key 2, and key 3, which are shownconnected in parallel via switches 94A-94C. The switches 94A-94C arecontrolled by way of header/key controller algorithm 98 which may beprocessed by the microprocessor and memory 40. The decryption circuit80′ provides a single master key 90 as a summation of the individualdecryption key 1 through key 3 to decrypt the data message according toknown decryption techniques.

[0027] The use of a master key is shown in FIG. 7 may require a morecomplex algorithm due to a larger bit encryption, whereas using multiplekeys as shown in FIG. 6 may use multiple, less complex algorithms. Itshould be appreciated that various decryption algorithms are known andmay be associated with the master key and individual decryption keys asshould be readily apparent to those skilled in the art. It shouldfurther be appreciated that the secure decryption keys can be constantor may change with time (rolling). With a rolling set of decryptionkeys, the data encryption may be more difficult to break. With a rollingset of keys, a time reading can be sent to the message headerinformation to indicate what rolling key to use.

[0028] Accordingly, the receiver and method of the present inventionadvantageously decrypts data based on a selected group or groups ofdecryption keys that are relevant to a characteristic of the receiverenvironment. The receiver and method are particularly useful for use ona vehicle 10 for communicating secure messages with passengers in thevehicle.

[0029] In the vehicle application, a vehicle manufacturer is able tocommunicate secure data to passengers in the vehicle which pertain to aselected vehicle manufacturer, vehicle model, vehicle model year, andother designated group classifications, so as to target certainvehicles, while the broadcast message is ignored by vehicles which donot have the characteristics specified in the selected group. Thisallows for multiple levels of message control by content suppliers anddoes not require that hardware manufacturers have a predetermineddecryption key in advance.

[0030] It will be understood by those who practice the invention andthose skilled in the art, that various modifications and improvementsmay be made to the invention without departing from the spirit of thedisclosed concept. The scope of protection afforded is to be determinedby the claims and by the breadth of interpretation allowed by law.

1. A digital receiver for receiving and deciphering signals containingsecure information, said receiver comprising: an input for receiving asignal comprising a data stream including a key selector and encrypteddata including a message; and a data decryption circuit comprisingmemory for storing one or more group decryption keys based on acharacteristic of the receiver environment, wherein the data decryptioncircuit selects a group decryption key based on the key selector anddecrypts the message based on the selected group decryption key.
 2. Thereceiver as defined in claim 1 further comprising a demodulator fordemodulating an RF signal containing the data stream and outputting theencrypted data including the message.
 3. The receiver as defined inclaim 1, wherein the receiver is located on a vehicle and thecharacteristic of the receiver environment comprises at least one of agroup characteristic of a vehicle model type and a vehicle model year.4. The receiver as defined in claim 3, wherein the data decryptioncircuit further includes a unique decryption key based on at least oneof a unique vehicle identification number and unique receiveridentification number, wherein said unique decryption key is used tofurther decrypt certain data.
 5. The receiver as defined in claim 1,wherein the input comprises an RF tuner.
 6. The receiver as defined inclaim 5, wherein the input further comprises an antenna.
 7. The receiveras defined in claim 1, wherein a plurality of decryption keys togetherform a master decryption key.
 8. A digital receiver on a vehicle forreceiving and deciphering RF signals containing secure information, saidreceiver comprising: an input for receiving an RF signal comprising adata stream including a key selector and encrypted data including amessage; a demodulator for demodulating the data stream and outputtingencrypted data including the message; and a data decryption circuitcomprising memory for storing a plurality of group decryption keys basedon a characteristic of the receiver environment, said groups ofdecryption keys including a vehicle model type and a vehicle model year,wherein the data decryption circuit selects at least one of the groupdecryption keys based on the key selector and decrypts the message basedon a selected group key.
 9. The receiver as defined in claim 8, whereinthe data decryption circuit further includes a unique decryption keybased on at least one of a unique vehicle identification number and aunique receiver identification number, wherein the unique decryption keyis used to further decrypt certain data.
 10. The receiver as defined inclaim 8, wherein the input comprises an RF tuner.
 11. A method fordecrypting an encrypted data stream including a key selector and amessage broadcast in a signal, said method comprising the steps of:receiving a signal comprising a data stream including a key selector andencrypted data including a message; providing one or more groups ofdecryption keys based on a characteristic of the receiving environment;selecting a group decryption key based on the key selector; anddecrypting the message based on the selected group key.
 12. The methodas defined in claim 11 further comprising the step of demodulating an RFsignal containing the data stream to provide the encrypted dataincluding the message.
 13. The method as defined in claim 11, whereinthe step of providing one or more groups of decryption keys comprisesproviding a decryption key based on at least one of a vehicle model typeand a vehicle model year.
 14. The method as defined in claim 11 furthercomprising the step of forming a master decryption key from a pluralityof decryption keys, wherein the master decryption key is used to decryptthe message.
 15. The method as defined in claim 11 further comprisingthe steps of receiving a unique decryption key based on at least one ofa unique vehicle identification number and a unique receiveridentification number, and decrypting further messages based on theunique encryption key.
 16. A method for decrypting an encrypted datastream in a receiver on a vehicle, said method comprising the steps of:receiving an RF signal via a receiver on a vehicle, said RF signalcomprising a data stream including a key selector and encrypted dataincluding a message; demodulating the data stream to provide theencrypted data including the message; providing a plurality of groups ofdecryption keys based on a characteristic of the vehicle, wherein theplurality of groups of decryption keys includes a vehicle model type anda vehicle model year; selecting at least one group key based on the keyselector; and decrypting the message based on the selected group key.17. The method as defined in claim 16 further comprising the step offorming a master decryption key from a plurality of decryption keys,wherein the master decryption key is used to decrypt the message. 18.The method as defined in claim 16 further comprising the steps ofreceiving a unique decryption key based on at least one of a uniquevehicle identification number and a unique receiver identificationnumber, and decrypting further messages based on the unique encryptionkey.